From 22e2a468731b8345bdb73d114bf0c1b1d3ffed5f Mon Sep 17 00:00:00 2001
From: rwatson
Date: Wed, 13 Dec 2000 04:28:24 +0000
Subject: o Tighten restrictions on use of /proc/pid/ctl and move access checks in ctl to using centralized p_can() inter-process access control interface.

Reviewed by: sef
---
 sys/fs/procfs/procfs_ctl.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'sys/fs')

diff --git a/sys/fs/procfs/procfs_ctl.c b/sys/fs/procfs/procfs_ctl.c
index 72ad575..f445572 100644
--- a/sys/fs/procfs/procfs_ctl.c
+++ b/sys/fs/procfs/procfs_ctl.c
@@ -111,6 +111,16 @@ procfs_control(curp, p, op)
 int error;
 
 /*
+ * Authorization check: rely on normal debugging protection, except
+ * allow processes to disengage debugging on a process onto which
+ * they have previously attached, but no longer have permission to
+ * debug.
+ */
+ if (op != PROCFS_CTL_DETACH &&
+ ((error = p_can(curp, p, P_CAN_DEBUG, NULL))))
+ return (error);
+
+ /*
 * Attach - attaches the target process for debugging
 * by the calling process.
 */
@@ -123,10 +133,6 @@ procfs_control(curp, p, op)
 if (p->p_pid == curp->p_pid)
 return (EINVAL);
 
- /* can't trace init when securelevel > 0 */
- if (securelevel > 0 && p->p_pid == 1)
- return (EPERM);
-
- /*
 * Go ahead and set the trace flag.
 * Save the old parent (it's reset in
-- 
cgit v1.1
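Review bot: The `op != PROCFS_CTL_DETACH` exemption in the new authorization check means a detach request never passes through `p_can(curp, p, P_CAN_DEBUG, NULL)`, so the detach branch has to establish on its own that `curp` is the process that attached to `p`. The hunk does not show such a check, and procfs_control's body starts and continues outside it. I would record that dependency in the new comment, e.g. add `* The DETACH case must itself verify that curp is the current tracer of p.`, and confirm the detach code does so. The second hunk removes the `securelevel > 0 && p->p_pid == 1` guard, which is only safe if p_can() applies the same rule for P_CAN_DEBUG. That is not visible in this diff and should be checked against p_can()'s implementation.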